Hello got a kind of stupid question.Usually, when trying to access a normal server, we generate a key pair on a jumphost and move the public key to the server, so that we can always access the server from the jumphost (as per authentication). I know ...
Hello I have a question regarding the RMA process of a standby unit in a ASA cluster. Here are the steps that I have concluded, please correct/add where im wrong: Configure hostname ,Install/Verify boot image and asdm is same as primary.Activate with...
Hello
i was wondering if it's possible to use PBR on a site to site vpn between 2 asas, using static routes . Obviously, with version after 9.4.1 that supports PBR.
Hello
i recently found out that Vfilter on ASA VPNs is considered stateless and always configured inbound. So let's take the following example:
R1---20.0.0.0/24---ASA1---(10.0.0.0/24)-----ASA2----30.0.0.0/24---R2
If i want to ssh from R1 to R2, then ...
In this specific scenario though, how exactly does it work? 1. I go on the router, i type the command and generate public and private key on the router itself. Does the public key somehow gets listed on the jumpserver (in known hosts)? I want to unde...
Thanks, it was sorted, sorry for the delay , i had account issues. One more thing, in this case was lucky, since it had no need to configure any firepower (SFR module) on it, thus left it to default 5.4.1 version. Is there a guide how to RMA the mod...
Thanks Marius, i know i can check if there are certificates via CLI with:show crypto ca certificate Is there a way to check the xml profiles as well? I assume a show flash/disk will show if there are any? Although in theory, there could be some but ...
Hi Balaji thanks, you mean to take the backup from the primary one which is active? I I will take the show run anyway or even from asdm, in case there are anyconnect profiles. 1. But i was wondering for example, hostnames, do you usually configure ...
Yes, i was talking about config of ASA1. However, i do remember a friend mentioning that in his case a TAC engineer told him that vfilter is stateless, which is why im not sure i understand 'technically' how a stateless vfilter can bypass acls with s...
